JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.42.116.172

192.42.116.172 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 0%: ?

ISP	TOR EXIT AND MORE
Usage Type	Commercial
ASN	AS215125
Hostname(s)	s1.nothingtohide.nl
Domain Name	cyberology.nl
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.42.116.172

Whois 192.42.116.172

IP Abuse Reports for 192.42.116.172:

This IP address has been reported a total of 80 times from 41 distinct sources. 192.42.116.172 was first reported on October 12th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 arirabinowitz.com	2025-03-13 18:14:00 (1 year ago)	192.42.116.172 - - [10/Mar/2025:17:42:30 -0400] "POST /sdk HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (com ... show more 192.42.116.172 - - [10/Mar/2025:17:42:30 -0400] "POST /sdk HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)" 192.42.116.172 - - [10/Mar/2025:17:42:30 -0400] "GET /nmaplowercheck1741642950 HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)" 192.42.116.172 - - [10/Mar/2025:17:42:31 -0400] "GET /evox/about HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)" 192.42.116.172 - - [10/Mar/2025:17:42:31 -0400] "GET /HNAP1 HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)" show less	Hacking Web App Attack
🇬🇷 Xev	2025-03-13 15:46:14 (1 year ago)	Unauthorized SSH/Telnet login attempt from 192.42.116.172 with user '' and password ''. Date: 2025-0 ... show more Unauthorized SSH/Telnet login attempt from 192.42.116.172 with user '' and password ''. Date: 2025-03-13T15:46:14Z Targeted device: Raspberry Pi show less	Brute-Force SSH IoT Targeted
🇬🇧 gurnip	2025-03-12 18:59:47 (1 year ago)	Vulnerability probe of page /HNAP1, not found on server.	Brute-Force Web App Attack
🇫🇷 security.rdmc.fr	2025-03-12 05:21:35 (1 year ago)	Port Scan Attack proto:TCP src:27598 dst:3306	Port Scan
🇦🇺 Ticketebo Pty. Ltd.	2025-03-12 02:17:30 (1 year ago)	$f2bV_matches	Brute-Force
Anonymous	2025-03-12 00:41:34 (1 year ago)		Port Scan
Anonymous	2025-03-11 23:48:52 (1 year ago)	Portscan	Port Scan
🇫🇷 Guardian	2025-03-11 14:57:05 (1 year ago)	Unauthorized connection attempt to SMTP Relay	Spoofing Brute-Force
Anonymous	2025-03-11 13:44:23 (1 year ago)	Port Scanner	Port Scan
🇺🇸 Axel	2025-03-11 10:50:22 (1 year ago)	SSH login attempts (endlessh): 2025-03-11T01:29:31.246Z ACCEPT host=::ffff:192.42.116.172 port=47234 ... show more SSH login attempts (endlessh): 2025-03-11T01:29:31.246Z ACCEPT host=::ffff:192.42.116.172 port=47234 fd=4 n=4/4096 show less	Brute-Force SSH
🇺🇸 Starburst SysOp Team	2025-03-11 08:07:00 (1 year ago)	[Tue Mar 11 08:07:44.590301 2025] [security2:error] [pid 3461061:tid 3461077] [client 192.42.116.172 ... show more [Tue Mar 11 08:07:44.590301 2025] [security2:error] [pid 3461061:tid 3461077] [client 192.42.116.172:33747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "nmap" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache/modsecurity-owasp-latest/coreruleset-4.12.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "56"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: nmap found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"] [severity "CRITICAL"] [ver "OWASP_CRS/4.12.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [hostname "portal.starburstservices.com"] [uri "/nmaplowercheck1741680464"] [unique_id "Z8_vUJaZKzNNFjDW4fK3igAAAAo"] show less	Hacking Brute-Force Web App Attack
🇺🇸 Starburst SysOp Team	2025-03-11 08:07:00 (1 year ago)	[Tue Mar 11 08:07:44.594725 2025] [security2:error] [pid 3461063:tid 3461089] [client 192.42.116.172 ... show more [Tue Mar 11 08:07:44.594725 2025] [security2:error] [pid 3461063:tid 3461089] [client 192.42.116.172:33771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "nmap" at REQUEST_HEADERS:User-Agent. [file "/usr/local/apache/modsecurity-owasp-latest/coreruleset-4.12.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "56"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: nmap found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"] [severity "CRITICAL"] [ver "OWASP_CRS/4.12.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [hostname "portal.starburstservices.com"] [uri "/sdk"] [unique_id "Z8_vULugtGbtNKppO8oSHgAAAIE"] show less	Hacking Brute-Force Web App Attack
🇺🇸 Axel	2025-03-11 01:29:35 (1 year ago)	SSH login attempts (endlessh): 2025-03-11T01:29:10.838Z ACCEPT host=::ffff:192.42.116.172 port=53257 ... show more SSH login attempts (endlessh): 2025-03-11T01:29:10.838Z ACCEPT host=::ffff:192.42.116.172 port=53257 fd=4 n=2/4096 show less	Brute-Force SSH
Anonymous	2025-03-10 22:47:56 (1 year ago)	Probing to gain illegal access	Web App Attack
Anonymous	2025-03-10 22:47:56 (1 year ago)	Probing to gain illegal access	Web App Attack

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.59

🇪🇸 149.86.233.213

🇺🇸 146.190.153.30

🇱🇹 45.227.254.170

🇺🇸 34.181.236.215

🇰🇷 222.110.147.58

🇳🇱 176.65.148.215

🇨🇳 175.175.156.36

🇺🇸 165.154.172.77

🇺🇸 162.243.162.251

🇺🇸 162.141.167.50

🇬🇧 155.254.38.224

🇵🇰 154.192.222.21

🇺🇸 143.198.225.197

🇨🇳 120.48.82.124

🇨🇳 117.172.106.105

🇷🇺 109.173.39.103

🇮🇳 103.182.132.154

🇧🇩 103.153.110.190

🇮🇳 103.102.117.56